THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 

DETAILED ACTION 

1. This office action is in response to applicants' application serial no. 09/613,983 
filed on 7/12/2000. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-36 are rejected under 35 U.S.C. 102(b) as being anticipated by Blakley, 
III et al. (U.S. Patent No. 5,862,323, hereinafter Blakley). 

In respect to claim 1, Blakley discloses a computing environment having a 
connection to a network, a computer program product for securely propagating security 
credentials from a trusted master registry, the computer program product embodied on 
one or more computer-readable media and comprising: 

computer-readable program code means for establishing a secure connection 
between a client and a password synchronization agent (PSA) (see col. 3, lines 35-46); 

computer-readable program code means for transmitting an identifier of a user 
and an identifying secret of the user to the PSA (see col. 3, lines 35-46); 

computer-readable program code means for validating the user with the trusted 
master registry using the transmitted user identifier and identifying secret; and 

computer-readable program code means for propagating the identifying secret of 
the user to one or more target registries if the validation succeeds (see col. 2, lines 55- 
col. 3, lines 20, col. 6, lines 40-60). 

In respect to claim 2, Blakley discloses the computer program product according 
to Claim 1, further comprising: 

computer-readable program code means for establishing a second secure 
connection between the PSA and the trusted master registry (see col. 11, lines 27-31); 
and 

computer-readable program code means for using the second secure connection 
for the validating of the user (see col. 2, lines 34-44). 

In respect to claim 3, Blakley discloses the computer program product according 
to Claim 1, further comprising: 

computer-readable program code means for establishing additional secure 
connections between the PSA and each of the target registries; and computer-readable 
program code means for using the additional secure connections for the propagating of 
the identifying secret (see col. 8, lines 34-44). 

In respect to claim 4, Blakley discloses the computer program product according 
to Claim 1, wherein the master registry stores password synchronization policy 
information, and wherein the computer-readable program code means for propagating 
the identifying secret further comprises computer-readable program code means for 
identifying the target repositories using the stored password synchronization policy 
information for the user (see col. 3, lines 54-60, col. 5, lines 49-62, col. 6, lines 40-60). 

In respect to claim 5, Blakley discloses the computer program product according 
to Claim 1, wherein the master registry stores password synchronization policy 
information, and wherein the computer-readable program code means for propagating 
the identifying secret further comprises computer-readable program code means for 
identifying the target repositories using the stored password synchronization policy 
information for a user group of which the user is a member (see col. 5, lines 49-62, col. 
6, lines 40-60). 

In respect to claim 6, Blakley discloses the computer program product according 
to Claim 1, wherein the computer-readable program code means for establishing the 
secure connection further comprises computer-readable program code means for 
authenticating the PSA to the client (see col. 5, lines 49-62, col. 6, lines 40-60). 

In respect to claim 7, Blakley discloses the computer program product according 
to Claim 2, wherein the computer-readable program code means for establishing the 
second secure connection further comprises computer readable program code means 
for authenticating the master registry to the PSA (see col. 2, lines 34-45). 

In respect to claim 8, Blakley discloses the computer program product according 
to Claim 3, wherein the computer-readable program code means for establishing 
additional secure connections further comprises computer readable program code 
means for authenticating the one or more target registries to the PSA (see col. 2, lines 
34-45). 

In respect to claim 9, Blakley discloses the computer program product according 
to Claim 1, wherein the computer-readable program code means for validating further 
comprises: 

computer-readable program code means for performing a security function on 
the identifying secret of the user, wherein the security function comprises one of (i) a 
one-way hashing algorithm or (ii) an encryption algorithm (see col. 3, lines 9-19); 

computer-readable program code means for using the user identifier to locate a 
previously-stored identifying secret of the user which was stored by the master registry; 
and computer-readable program code means for comparing the located identifying 
secret to a result of performing the security function (see col. 2, lines 34-45). 

In respect to claim 10, Blakley discloses the computer program product 
according to Claim 1, wherein the computer-readable program code means for 
validating further comprises computer-readable program code means for invoking an 
authenticated LDAP bind or other native authentication mechanism of the master 
registry, wherein the identifier of the user and the identifying secret of the user are 
passed to the master registry, thereby causing the master registry to validate the 
passed identifier and identifying secret and return a result which reports a success or 
failure of the validation (see col. 7, line 52-col. 8, line 4). 

In respect to claim 11, Blakley discloses the computer program product 
according to Claim 1, wherein the PSA has administrative authority for performing 
operations at the one or more target registries (see col. 11, lines 27-31). 

In respect to claim 12, Blakley discloses the computer program product 
according to Claim 1, further comprising: 

computer-readable program code means for obtaining a new value from the user 
to be used as the propagated identifying secret; and computer-readable program code 
means for substituting this new value for the identifying secret prior to operation of the 
computer-readable program code means for propagating (see col. 7, line 52-col. 8, line 
4). 

In respect to claims 13-24, the claim limitations are system claims that are 
substantially similar to computer readable medium claims 1-12. Therefore, claims 13- 
24 are rejected based on the similar rationale. 

In respect to claims 25-36, the claim limitations are method claims that are 
substantially similar to computer readable medium claims 1-12. Therefore, claims 25- 
36 are rejected based on the similar rationale. 

Conclusion 

3. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

-Huynh et al. disclose a system, method and data structure for securely 
synchronizing passwords and/or other information between systems. 

-Swift et al. disclose a method for changing passwords on a remote computer. 

-Blakley, III et al. disclose configurable password integrity servers for use in a 
shared resource environment. 

-Perlman discloses a method and system for establishing a shared secret using 
an authentication token. 

-Suchter discloses managing changes to a directory of electronic documents. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tongoc Iran whose telephone number is (703) 305- 
7690. The examiner can normally be reached on 8:30-5:00 M-F. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory A. Morse can be reached on (703) 308-4789. The fax phone 
number for the organization where this application or proceeding is assigned is (703) 
746-7240. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703)305- 
9600. 